You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zookeeper.apache.org by br...@apache.org on 2011/08/21 02:53:47 UTC
svn commit: r1159929 - in /zookeeper/trunk: CHANGES.txt
src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java
src/java/test/org/apache/zookeeper/test/AuthTest.java
Author: breed
Date: Sun Aug 21 00:53:46 2011
New Revision: 1159929
URL: http://svn.apache.org/viewvc?rev=1159929&view=rev
Log:
ZOOKEEPER-1152. Exceptions thrown from handleAuthentication can cause buffer corruption issues in NIOServer.
Modified:
zookeeper/trunk/CHANGES.txt
zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java
zookeeper/trunk/src/java/test/org/apache/zookeeper/test/AuthTest.java
Modified: zookeeper/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/zookeeper/trunk/CHANGES.txt?rev=1159929&r1=1159928&r2=1159929&view=diff
==============================================================================
--- zookeeper/trunk/CHANGES.txt (original)
+++ zookeeper/trunk/CHANGES.txt Sun Aug 21 00:53:46 2011
@@ -428,6 +428,8 @@ NEW FEATURES:
ZOOKEEPER-938. Support Kerberos authentication of clients. (Eugene Koontz
via mahadev)
+ ZOOKEEPER-1152. Exceptions thrown from handleAuthentication can cause buffer corruption issues in NIOServer. (camille via breed)
+
Release 3.3.0 - 2010-03-24
Non-backward compatible changes:
Modified: zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java
URL: http://svn.apache.org/viewvc/zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java?rev=1159929&r1=1159928&r2=1159929&view=diff
==============================================================================
--- zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java (original)
+++ zookeeper/trunk/src/java/main/org/apache/zookeeper/server/ZooKeeperServer.java Sun Aug 21 00:53:46 2011
@@ -48,6 +48,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.zookeeper.Environment;
import org.apache.zookeeper.KeeperException;
+import org.apache.zookeeper.KeeperException.Code;
import org.apache.zookeeper.KeeperException.SessionExpiredException;
import org.apache.zookeeper.ZooDefs.OpCode;
import org.apache.zookeeper.data.ACL;
@@ -862,9 +863,16 @@ public class ZooKeeperServer implements
ZooKeeperServer.byteBuffer2Record(incomingBuffer, authPacket);
String scheme = authPacket.getScheme();
AuthenticationProvider ap = ProviderRegistry.getProvider(scheme);
- if (ap == null
- || (ap.handleAuthentication(cnxn, authPacket.getAuth())
- != KeeperException.Code.OK)) {
+ Code authReturn = KeeperException.Code.AUTHFAILED;
+ if(ap != null) {
+ try {
+ authReturn = ap.handleAuthentication(cnxn, authPacket.getAuth());
+ } catch(RuntimeException e) {
+ LOG.warn("Caught runtime exception from AuthenticationProvider: " + scheme + " due to " + e);
+ authReturn = KeeperException.Code.AUTHFAILED;
+ }
+ }
+ if (authReturn!= KeeperException.Code.OK) {
if (ap == null) {
LOG.warn("No authentication provider for scheme: "
+ scheme + " has "
Modified: zookeeper/trunk/src/java/test/org/apache/zookeeper/test/AuthTest.java
URL: http://svn.apache.org/viewvc/zookeeper/trunk/src/java/test/org/apache/zookeeper/test/AuthTest.java?rev=1159929&r1=1159928&r2=1159929&view=diff
==============================================================================
--- zookeeper/trunk/src/java/test/org/apache/zookeeper/test/AuthTest.java (original)
+++ zookeeper/trunk/src/java/test/org/apache/zookeeper/test/AuthTest.java Sun Aug 21 00:53:46 2011
@@ -35,7 +35,8 @@ public class AuthTest extends ClientBase
static {
// password is test
System.setProperty("zookeeper.DigestAuthenticationProvider.superDigest",
- "super:D/InIHSb7yEEbrWz8b9l71RjZJU=");
+ "super:D/InIHSb7yEEbrWz8b9l71RjZJU=");
+ System.setProperty("zookeeper.authProvider.1", "org.apache.zookeeper.test.InvalidAuthProvider");
}
private AtomicInteger authFailed = new AtomicInteger(0);
@@ -75,6 +76,23 @@ public class AuthTest extends ClientBase
zk.close();
}
}
+
+ @Test
+ public void testBadAuthThenSendOtherCommands() throws Exception {
+ ZooKeeper zk = createClient();
+ try {
+ zk.addAuthInfo("INVALID", "BAR".getBytes());
+ zk.exists("/foobar", false);
+ zk.getData("/path1", false, null);
+ Assert.fail("Should get auth state error");
+ } catch(KeeperException.AuthFailedException e) {
+ Assert.assertEquals("Should have called my watcher",
+ 1, authFailed.get());
+ }
+ finally {
+ zk.close();
+ }
+ }
@Test